From 2d9c7d300476249d3f077f1ebc3efcbb1f0feb93 Mon Sep 17 00:00:00 2001
From: zowoq <59103226+zowoq@users.noreply.github.com>
Date: Mon, 9 Dec 2024 10:33:51 +1000
Subject: [PATCH] darwin02: upgrade to M4.M
---
docs/infrastructure.md | 6 +--
hosts/darwin02/default.nix | 6 +--
modules/nixos/hydra.nix | 2 +-
modules/shared/known-hosts.nix | 2 +-
secrets.yaml | 6 +--
secrets/hercules-binary-caches.age | Bin 1558 -> 1558 bytes
secrets/hercules-cluster-join-token.age | 44 +++++++++++-----------
terraform/cloudflare_nix-community_org.tf | 4 +-
8 files changed, 35 insertions(+), 35 deletions(-)
diff --git a/docs/infrastructure.md b/docs/infrastructure.md
index 72996a3..b23baf4 100644
--- a/docs/infrastructure.md
+++ b/docs/infrastructure.md
@@ -41,9 +41,9 @@
#### `darwin02` - [`CI builder`](./continuous-integration.md)
- Provider: OakHost
-- Instance type: [Apple Mac mini M2](https://www.oakhost.net/product/mac-mini-hosting-m2-24gb)
-- CPU: Apple M2
-- RAM: 24GB
+- Instance type: [Apple Mac mini M4.M](https://www.oakhost.net/product/mac-mini-hosting-m4-32gb)
+- CPU: Apple M4
+- RAM: 32GB
- Drives: 1TB SSD
#### `web02` - [`Monitoring`](./monitoring.md)
diff --git a/hosts/darwin02/default.nix b/hosts/darwin02/default.nix
index ee4945a..94bde9f 100644
--- a/hosts/darwin02/default.nix
+++ b/hosts/darwin02/default.nix
@@ -7,9 +7,9 @@
inputs.self.darwinModules.remote-builder
];
- nix.settings.max-jobs = 8;
+ nix.settings.max-jobs = 10;
- nixCommunity.darwin.ipv6 = "2a09:9340:808:60b::1 64 fe80::1";
+ nixCommunity.darwin.ipv6 = "2a01:4f8:d1:5715::2 64 2a01:4f8:d1:5715::1";
nix.settings.sandbox = "relaxed";
nix.settings.extra-platforms = [ "x86_64-darwin" ];
@@ -17,5 +17,5 @@
# disable nixos-tests
nix.settings.system-features = [ "big-parallel" ];
- system.stateVersion = 4;
+ system.stateVersion = 5;
}
diff --git a/modules/nixos/hydra.nix b/modules/nixos/hydra.nix
index 3f81209..bdd4060 100644
--- a/modules/nixos/hydra.nix
+++ b/modules/nixos/hydra.nix
@@ -50,7 +50,7 @@ in
printf "$machines" > $out
substituteInPlace $out --replace-fail 'ssh-ng://' 'ssh://'
substituteInPlace $out --replace-fail ' 80 ' ' 3 '
- substituteInPlace $out --replace-fail ' 8 ' ' 1 '
+ substituteInPlace $out --replace-fail ' 10 ' ' 1 '
'')
(pkgs.writeText "local" ''
diff --git a/modules/shared/known-hosts.nix b/modules/shared/known-hosts.nix
index 5fe8bed..3c92abb 100644
--- a/modules/shared/known-hosts.nix
+++ b/modules/shared/known-hosts.nix
@@ -22,7 +22,7 @@
};
darwin02 = {
hostNames = [ "darwin02.nix-community.org" ];
- publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIIcqYTe10t/jJitpfr0lr55lKVltAQkWiMp4tNY7mZQ";
+ publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMb/DRvrCZ65QB8OPimqthgUY9MZ+QO3QcFy6mpiUomV";
};
web02 = {
hostNames = [ "web02.nix-community.org" ];
diff --git a/secrets.yaml b/secrets.yaml
index c066132..3dc2070 100644
--- a/secrets.yaml
+++ b/secrets.yaml
@@ -17,7 +17,7 @@ ssh_host_ed25519_key:
darwin01:
customer: ENC[AES256_GCM,data:Ygqt1vjB9S95ME5S,iv:Rxjskp16qkiIP5+yqmQK76pGKL0Uu4qrDSOQRaQMlIU=,tag:A4aDNEWRDDnRrQr2/WwEvg==,type:str]
darwin02:
- customer: ENC[AES256_GCM,data:chYSwSmHVhy7L2Zi,iv:/IxfJdMVsGAuT0bkWUohEzHZTw5qaSh32GeFtgJFx5s=,tag:VPboLPxieQ42168scO+V1g==,type:str]
+ customer: ENC[AES256_GCM,data:GiWlgGPkOC73UpN/,iv:a4fdJ0uw9SZ3bkT6miUH4th2dfJy0xhrFrOgiDR+pc8=,tag:NOGgVeddAVPmNxhyCbyT3w==,type:str]
nix-community-alert-bot:
username: ENC[AES256_GCM,data:nA+jbVz3HtDgfDC+y2J4818=,iv:8Q7roobuWuXMnJXWKEJRjKlMYmvFUm5eodX5htLbVHY=,tag:r0FEOL9PByNYtL17hU7ApQ==,type:str]
home-server: ENC[AES256_GCM,data:k6rsrEvyCUQj,iv:TJBl7dYioATGVYOOETIajkaw+7LKsyrJDI0zmey3Uo4=,tag:ZuSahyrPlmj2qGp8vvuyOw==,type:str]
@@ -111,8 +111,8 @@ sops:
MkcvL1JyVFBJV0Y5RFFCMGN1OUFXdU0Kdx1wy6ZOOTg1a6VKaq52SMBvC26lMsW/
oMP+hmXc2WtoqZp+jZ9rrXz6cZW6/dO7CPqxl3aUEKg6BkXIwgyKeg==
-----END AGE ENCRYPTED FILE-----
- lastmodified: "2024-12-11T00:17:03Z"
- mac: ENC[AES256_GCM,data:rkAxmU6Yu4RbSkUvZ7UuxpsR5RgxwU+UTaJ7lX3y9JJP5Rz9qH5HB0xabIJgIsNKR5Bue+xU5JIqkajBtp+neq/+9Qm2CIfiJnsXc6nmcyjC6M2k0rXOJz4s02+tD0uZSW5HjuBOQir447bL5ISFoPzuEOuGvsQ0VO4463b1o3I=,iv:XRCB5ckxbKrbhPyZx/r8WEFIe4lq6lw1Mz2eunnQF6g=,tag:caBxLk67UdwrGIeWNFoYkA==,type:str]
+ lastmodified: "2024-12-12T04:10:17Z"
+ mac: ENC[AES256_GCM,data:MfsZWeIrvoPFXirZu/qPXLyE8Q1IEdLSBX+arQBncgcp1HFyNQHHa4VKnWYT8zbmwrdMMPxDKZLJnihQhmIICiOP19Lub0CwpAPzGhTdpOsMuMW5qoirTL1S89IcURoWoITuBafsxP5Iq2ZsIJK7CzHGK7tQTggmzfhzhjkS4j8=,iv:ea+SCt/qPrPuO8okdSvUNl6VG1rUd8MonTCb34beccE=,tag:iwVwCWjdppGrCt13jpSIRQ==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.2
diff --git a/secrets/hercules-binary-caches.age b/secrets/hercules-binary-caches.age
index 2d1c3f7e9fdedfb8265ead64f20fc1da0ccf98c2..766b7b7682e19ba427aa15ca6d4cb918316fe35e 100644
GIT binary patch
literal 1558
zcmZY7{qNia0mpINKthKEMwZAD<TPr4=1Z@4*M~E1*oW)2y<V^FT_5h|fIeM&?X|t@
z-L=;P0y+&$AehYYFcSv>nQUVTBm*P3VF)40!(7y`geL(PAsRwPrt%QyPy1#51+Tn6
z`Iw%&=EinfOy;8`zAi~UD1(8ut)<z_Uvr%bg244sUe$#mQ5ujEp_Zq8l_2ZmWaw8q
zowi4#V%jMXtlNuqd+8!8t}j(*0E9a%Xfh^mY9o5sW9=!&D=z2gx>JXlP$`;CQX>Xb
zIqsjUaXH+k<kG<I;l3Rj2?en$d+Kn#IlmADV%{@#Q=}$d7)X)K#9qV!9YlxuV5;G5
z1(U)6)xe(F>>Hz`KN5AOGVU*hDD4-kIia4b_3CV)dL^+Y5M>;<WMwE-!yH^zY$g(C
zSk$rmLccrp_-b|4i(0LM18f1SfnE?&R<)}uIYtjF9tE}YXr4gJ1<^22dqzS7xZc9g
zYU#`@5rWv&bHHaXkWYhp3z-zWrN@&TF|z@edKA+iDJCKqB3I*Ep;}CqSfFEa*z(z#
zkI%$Ls)S7i03(^#O%1O&36+TENR+2#+OH#YBy~v5!HM3gKk6$Ym|I=cMdo7`9hBv~
zfG0NOl8^-GNf9`B;#ZN3@TPg0(}{T$&<Ti1Z40tF1qpa0mHi4BL3*wvzL7Hv-E4ae
zO~%Ux0q}TOm=!n|2m@X$y9pVSRHI547UqC>wnEq`nGpp66&)`2D|F(u92%<xSW1DN
z7>{*eE@w5S$D&kC_0y3#C6;sADVzAjYok)tv>_|U>B&Nf69cQlhBWj8dD-=cY1cv9
z4m<)#Bb-gm(2ZNDwm{;1taYp7{OsCie=Co$Ow3D=xKbJ37bt~f#*2pLs%dShwDDX+
z=M5A$vW1|xW)0kr8^9vA6Bh5~E}3#O%L+2GvJBdZZBbYu59rLLU0O<7rVnxFYHhtd
zq`XqC64`2ofRf54GU1hzCT%30sLiXfr~AD~vdnajp<Y=gfDuEpqXvSzsk~${#&RsT
zs4`_H7{(DX=xSUD#u(mEAnO0x>J`fv5v7Q;=Jp)7Lrn-&#+dr4rWC}uiq+lNDGCH<
zkwP&-d*Km)8$?TVLV^ekDFz8n;xuEkF*_ZRB;<^$tX>NOMH@?s<DJ{)!(%rlN(CCg
zL6V_VbIPo=o;^@ID_fw-Wi3l3xw@dcWE42!*i&+VOE{6Xd}tspL?JF~D&O+Gu%;-2
znuo=r(VR*~zYn)1R0h`8)=DE<u-H6?TSLcR^0ijV`E}5RW?XmNa~aI25FL<L*kpyO
z05bph(=FtYI}TUgU2B@_UdX<Avia(vY`uEf&kkPkx4VpE=fA%p`{BA9TbmBOvv08X
z!Z-iB+!$z&NOx~KLtl3j_12XyeX-=<+``=Om~{EEo5<46^G*owaq%|u^<QlG)nnQ1
z!r&mg`8PL&7r&jO+8Zxo|3LC5zOm)xsegWJ&*n?KUw>)ScaEI;N%xBl|Jt$bl?x;B
zg@0fC;I2om%th-X=AAtcJ-Yjdef9e7yZ(Cpp7uT2ejB)D+v3Zw?R@X`^7l^t<^9Wc
zKX-b0$%zX#hbImwpMUM?ji-M6*^c;=!O5S0d|=nxkN@DR-yhnm|L(3|?qx2RUbEl-
z_EYJdTkibe*89#Jy>|T{9{SO}FW>*<!}r~N>)yl9^AF^oexC}qUVrnt*Umif^=q!$
z4I)=xwCCVgj_-RmK7HGtUb6q3f5e{t>3Q3CZQZ}Kp04)ohrjyarHdWw)^0nz{a&N~
h%zuvmz47iR_aDXX*m(PIpRZrqn4iyl*FE^h{{hmOFLVF^
literal 1558
zcmZY6+ppV%0mt!&PPB^DRg?m4RjJWHfELbtNpg}<b;Z}%@g*0>cH&JG+wm<<Y{zkY
z33t&Q!G^jC5SJZFd0>;KY3(^f>jYyfmv$FW;emr_Md77As-_BU5-Q@M<?_PI;V<~;
z_x-7sv0!+5m<5sJdq43*3y7iI!cX(lsl5<R)jY!Tf}G@7tLWIJnb0RDkX9-)!8B3$
zY=o<DB64kQ6r)<lsj@Nat2#kxmP+};z^?M%1WGitBj-#UfXqZ99bi701aUu${E?<4
zl@Q26zn!rxW`=$`H%(;h58`Uyu{lcD+o8-&3^z5?oH{|<0#>B?BHk%_x*Rvfd7qKg
zHlnc|#m*!qAi?5PsX(zd!kqD7SoY*-N>gODKhb?PSI=<LWEW-F1JeqcNkLp6;{6hg
z3jnIp-W(ljZaKzWtY2h=iP1NtHo+4$v6A>A4VQ=<Ocn~3qA4-}hwhvh_(P^<tE}AC
zvW%{Q<3f`#+_`J1C4gh$RF2^$BAT`O*ye0g4WrzEB}}^?mKZ|p(prbD4HYd$zN>8v
z;BpzN<=ajr=94^7f=r}4VfzJjC~I6a%eoFUYk;^jN25|wp0#=zuEz+|rgN!hlo$Oh
zggb^JI~0Yq$++6(!r`J*lPE8nK&)A?&E(q)H)@;=nwXU*dSgA)3P?lHT2ik);5(gZ
zA0mfcK;j$NVC;;>1+MPV5H-y;E2S>wiET0QQKY5PjcPD+5pdA$BX!87s#uY9{Z0*U
z>D)%G25UVB$;S>sKu+dC=s*!DR!QNe3$%=33lJ%Gq?bFmYg5C9=5)kdXmy4)QxK8>
zY<i+fN|@*dS=J6YlR<5LD!{xaz;fSalZ~1UjSLUT_kk&!8c5r58Lm<&lUZ?W%Ok{7
zs|CoUqVdQ{^<K&<0XfZOk*9PA6(f!+<%mq9xe_L7&ufsAiqL>*fa=CGc1{$gG`&$v
ziZW{=d8=NUQ?1SbZlMM{wuG);>9z!SELOX{0y76htT~+$t)eq`b6kT`#}MgL1Jo2T
zFsdj##9F0@Yt1o-bmA%nO)GU#>Vw}aNhc78wevHDD1u^z5+uoRY)zkpR(TRY^`LI6
zHHM4mrf)|>U3E}BH)4x}3huLJVDZJV$M?jMgz1V70-dTSi$%~&(rQz{j3&5oTY&d$
z9LWoFutl^ClXjU#vqX-@b%+Qsx1*r81PtgvZwfWAqEy+so2&NRUSe5_VR>np>$PIM
zhR`-_k0%m0@_Ba7l`T2(6_}~!78Vxr1+j=?0nFnWo5D=n=Ndr=8A)Cfvox3nDFA4O
z>7o%9c`$chIw$x3=8?VkzI1$2CT2>w{t*G5SUI^$Y+3v7$FHB+bLr_1?)3iu+L<1=
z{2{UFx%KMe`Y(RCa^vUlne@`zKU?|xeZi^gmR4t%_;-+#Ki|18Jod}?*e%<xKXvB*
z+M%mQU)g@^iD$0-W%0Oj-O*!5&h09#y?)0{w=Dg$P)Fk*+_>wrt4qV_KjJUW+DET0
zAC^D+_is;M+q5OQ=XaM6pZ(N4ziHpFN37j-_nvFx1An`jdE$Ke!0L8l>z4KPH@02)
z)49{TfBeu>e|>cGjwe?yqHjL`;PT21FFN$Koxi&EiOs+M&z1epJ^qD<>#I!p^leA~
zwYrr~@BiN)4(?ta?)v&8;Ne3IZ=P6dZeIK2$;aM(^7pR}&-aLz&+UEw;62ZtI?#Kc
zzHs@eV=M13UAVCPV78Q9j&6VS=2xgsoc+tM9$wk;8uj?aBfD=owC(K=?ByMA9e-e-
eMEwYlZvXR&u;;@UzPjSE>yK^Se6aTA!EXSXV>f01
diff --git a/secrets/hercules-cluster-join-token.age b/secrets/hercules-cluster-join-token.age
index 0910e57..e148b98 100644
--- a/secrets/hercules-cluster-join-token.age
+++ b/secrets/hercules-cluster-join-token.age
@@ -1,24 +1,24 @@
age-encryption.org/v1
+-> ssh-ed25519 w3WLfA x/YAHTSiimsim42u9TANr2sQAME5vxERtRYmytjGdjo
+S+XenvJjOIYQrj5ZveVZpULcm6bt/FrWy4uH+UZSiQE
+-> ssh-ed25519 Iw1MCQ MYjn2q/EMnLez6wb6DEh+ix36WRsmRzo9qLOXGxVMHo
+h2WPCfInagKRCIV1bNzCMWMRTS3SHQNV14BNKuspE2I
+-> ssh-ed25519 T9HyUg 7ur+zCdrqTHXGwB3Il1QWHDUD9PhM3tblVi6au7q2lc
+CuqzUS1Oz2L40jXDB6QXEVXy5u9C/G2zvfCHrVUq2Rw
-> ssh-rsa ALNSWw
-fq0a3DzqSL/2Y+uIvGw4xSAsbqpBYCc/NlzdOxBiPxpxkNNhuLG6PVJqhspQ8Mf4
-r1AjQNaIOqvVlmoiU80Q9kDYBuGeK1Az417tHGCbpPoYAmTsSvBB9mdmmyU8cpUP
-MfeYLol/7r3MjemZj+opEKLaWq2jJTQmtuQZMtZGEz3V2xgcvft/0dlYKT8pd9gV
-QowXNbdmMYYhSCfqouBpGMDbKgVSB0qFoMIRuwhpLo3on9oSxVT6mklLFpOsnmIR
-6c8N7W2GXupPHwCQVCgG9ODP7RXDTMf3o2y03eS3e9e+foLmpRNrQDYZeh9I1N0x
-bopjRnNYCxtCEOucvR8CNw
--> ssh-ed25519 Qi7vNw +hdmrSX/gQMXiJ4AuxQ1TrAnz/tJI+F/o0zL2dPJowM
-Ek68Ny9lKeQXwc/0KlvqbrXlFF2Ne/WztE8M24RO4HI
--> ssh-ed25519 MW0fCg X7AQTlH7F2kufamRFOnlT36Zn0pSkwmXlsV9vjjNXlo
-qDm/hx5oSFlMfNboKcsAET1pBu1NjAYP3iuZ+Fp9mAU
--> ssh-ed25519 92bXiA E/emjIGM8zcD0OhfqcZTBQK2XIQlcYXdEETBGJ2Y+jM
-OGjcCjSvocRI2ibfRV40zcjgmMv05Ofztp9Ks4HApfk
--> ssh-ed25519 h1lenA 48NzdNaJuVgwX2ef3/Lmzwi2DjGe1mboMhe9854ZZG4
-yfO4NGpOF06taOvEhwt4yXy/qSGqiSkOQzdhixkdhUA
--> ssh-ed25519 w3WLfA +6++Z73hkP1Q/lBmH9m2e/rF7eO+4960gVSUXqHWuG0
-RGO3CVf2jTc/6OUzytfgUh7ENsJxUITnlLDnQ+xSGFA
--> ssh-ed25519 Iw1MCQ 0+cfLTtN2FTBi/2l9mSKD/Npr0HoMtST9B2Z1D6WABg
-N3lTGoHXIDoFwTOq0Xop6IIDzjGJapGLj0jcgd67vcw
--> ssh-ed25519 pDXhDA Qln6c5tTYqeFz0oMeqa3wA8wdwJOHzgvfkgPtqj6DFM
-JRFzaPqpmaslS7PiaMWnplxIh11WEKeG2MKjwfDxiC4
---- iplbZKSnfNsY9uuvkRpsPc08Vm3lyFDftvgMvrIk1GU
-l�����4I�SQ)P���t5F�����a�LHA��5T�� o�ڎ��|���SRV$*�2e���X���e{���.h��3G��庪�;(S�Y��I/�W<Mmo�i�ne�ϕ�/z�'5{��������p�@m��������5���B~3>�r#��H�H����:����c��=�����F�(g��!��@�"��Q(��|`��+J�\0NVnf����w�{�3��^a硂n�[��������O�lm�y��Sl���P�إ�{z���S��9<)0b���J��Yh_
\ No newline at end of file
+FS4RHiHh1/8Hmv95mql4YKsEaVTfZBgZP8v6GWI15iGXap6Y5RGUYyRJFSxDCBax
+z+CIqEFVBDU27IOLcEE1d4Vu28TTZ58WZNKdJEUNFiV7bJti2sRjhNdDcyLYnqoO
+1R8fa++Ka45uC1aitrtnYlqw9H/ZHG2YKqm5mm08HpQOvXqivGn5sVtcPSSH0Csr
+Xu6a+mXQsrEtP2qDkR7W+ZUYVLxYrfuQczJ82OKfzUK+3G+myDpr/lYI0i97INEU
+rOSFs0SFC4oVwk6wugguCGGt/EaVbe5lBQBUlBMLeGkHGsSRgSHtBcS2ZW8NXYHk
+4OmXPu3e+qRf2iBXIZ1Q4w
+-> ssh-ed25519 Qi7vNw 9r6k1MAP2NOjy7K7zKmE//DLVCOYEGeLnD/HEGBLvjY
+TwEWyOQNqV+xU5MaQtYIf0VeWBL9lNLCrHSBlkxOprA
+-> ssh-ed25519 MW0fCg hyLX8herf6zasDRbYPnBIDKhHdmshpQpugzbjeMRkQk
+0cDaTwxrtaDLKlcMRYbjSXrAqbgFrCeZI9cEBA5HOdQ
+-> ssh-ed25519 92bXiA e6UBcl0RrKgags/0VZVT3bE8re+C9TY15RQrtZRKi1E
+rGhaV4Z2SdsmZ8Vor0/yv13XcOR2J7hYiT0u1g0V68s
+-> ssh-ed25519 h1lenA KEidSVfCZNOlPhFVePBaN6LHyPa95Nx3twjUXHsNzFM
+L0VG+NiujqusrEUoBz6ZaQgWEkyRPaXA8I6o02AIccc
+--- tHo6R3b+X52chttfjIV6SCssiWbZ2ZUAarYOQSfj18U
+�D�T��1� �_έ�*���`���� �#�^����(k�,��i�M���\S���͌�{�*͎����TY<?*��#�����s8$ږ�1��x�]�eF$�������1p�
��GBX���B��M�H�d6�q��N���/m�W���h��vu��j�u�J�'����S_?y���s��Z���o�6��]��Q���H��`�[DpN�r�?l��2K�t���0�����ϒ���x샼sä��j�\t#i40`��0����9��h��z���=:����4K}�U����
\ No newline at end of file
diff --git a/terraform/cloudflare_nix-community_org.tf b/terraform/cloudflare_nix-community_org.tf
index debf625..aab12ab 100644
--- a/terraform/cloudflare_nix-community_org.tf
+++ b/terraform/cloudflare_nix-community_org.tf
@@ -28,8 +28,8 @@ locals {
ipv6 = "2a01:4f8:d1:5716::2"
}
"darwin02" = {
- ipv4 = "85.209.53.203"
- ipv6 = "2a09:9340:808:60b::1"
+ ipv4 = "49.12.162.21"
+ ipv6 = "2a01:4f8:d1:5715::2"
}
"web02" = {
ipv4 = "46.226.105.188"